CyberheistNews Vol 3, # 49


Editor's Corner


Scam Of The Week: Holiday Deals

The 2013 Holiday Season is in full swing. Employees use the web to buy gifts both from the office and at the house. Last week, Black Friday started a month of high-intensity online shopping. Last year, Internet protection company BrandProtect found that almost 3,000 fraudulent Holiday shopping sites were registered, and this year is not any different.

These sites use special savings and "killer deals" as bait for phishing emails, and the scams infiltrate mobile apps and social media as well. Warn your users that the excitement of getting an awesome deal before it sells out often makes people throw out common sense and forget security policy. The bad guys count on this.

To make sure they don't lose out, users will click on suspicious links without first hovering to see where they go, and open infected email attachments in the hope of getting a great holiday deal. With Black Friday and Cyber Monday stretching out over weeks now, users really need to STOP, LOOK and THINK before they click.

This is a particular problem when an employee uses a mobile device to do their Holiday shopping. Insecure online behavior by employees exposes your network resources and puts your company data at risk. Especially at this time of year, when a deal sounds too good to be true, it very likely is. Warn them, because your users are an essential part of your defense-in-depth.

The Antivirus Industry’s Dirty Little Secret

In IT we all know that antivirus never gives 100% protection. But it is often very hard to communicate this to management and make the case for defense-in-depth. The higher up management gets, the less familiar they are with IT, and that results in budget problems. This article was written for non-technical management and is meant as ammo to help you get more budget for IT security. Send it to your management team and help them understand:

The Antivirus Industry’s Dirty Little Secret

The Antivirus industry has a dirty little secret that they really don’t want anyone to know. Despite the claims of their marketing departments, their products are not all that effective. Many of them are only protecting against at best 80% or 90% of the threats out there in the wild at any time.

Let’s look at that in more detail. AV products need to protect against two general types of threats: ones that are known and ones that are unknown. For the known ones, they have a signature, so they can detect the threat and get rid of it. This is called reactive detection.

Then there are threats that are still unknown, usually new, fresh threats created by the bad guys. AV products need to protect against those in a proactive way, and antivirus software can be scored by looking at how many of those new threats it blocks.

This type of scoring on both reactive and proactive detection is actually being done by the antivirus industry’s premier site for insiders: Virus Bulletin. They have created so-called RAP averages. RAP stands for “Reactive And Proactive”. They test all antivirus products every few months, and measure how each product does in both reactive and proactive detection of a large number of threats. They then create a graph where these scores are plotted for all products. The proactive score is on the X-axis, and the reactive score is on the Y-axis.

The results are far from pretty, and you see none of the antivirus vendors promote their results with this test, for good reason. One well known, major antivirus industry player is routinely scoring no better than 80% reactive combined with a 70% proactive. And people wonder how come PCs still get infected by malware.

The most recent graph can be viewed full size at Virus Bulletin. You can check there how your antivirus vendor is doing; be prepared for a shocker though:
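To make the reactive/proactive split concrete, here is an added example (not code from the newsletter or from Virus Bulletin) that scores a constructed set of malware samples against an assumed definition-freeze date. The three-reactive-weeks-plus-one-proactive-week layout is an assumption modeled on the published RAP method; the sample corpus and the freeze date are constructed.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Definitions are frozen on this constructed date. Samples first seen before it
# are "known" (reactive window); samples seen on or after it are "unknown"
# (proactive window). Three reactive weeks plus one proactive week is an
# assumption modeled on Virus Bulletin's published RAP layout, not a figure
# stated in this newsletter.
PRODUCT_FREEZE = date(2013, 11, 18)
RAP_WEEKS = (-3, -2, -1, 1)

@dataclass(frozen=True)
class Sample:
    first_seen: date
    detected: bool  # did the scanner catch it?

def sample_at(days_from_freeze: int, detected: bool) -> Sample:
    """Constructed sample first seen this many days from the freeze date."""
    return Sample(PRODUCT_FREEZE + timedelta(days=days_from_freeze), detected)

def rap_week(sample: Sample, freeze: date = PRODUCT_FREEZE) -> Optional[int]:
    """-3, -2, -1 for the reactive weeks, 1 for the proactive week, else None."""
    delta = (sample.first_seen - freeze).days
    if -21 <= delta < 0:
        return -((-delta - 1) // 7 + 1)
    if 0 <= delta < 7:
        return 1
    return None  # outside the four-week test window; not scored

def rap_scores(samples: list) -> dict:
    """Per-window detection rates plus the RAP average (mean of the four weeks)."""
    hits = {w: [0, 0] for w in RAP_WEEKS}  # week -> [detected, total]
    for s in samples:
        w = rap_week(s)
        if w is not None:
            hits[w][1] += 1
            hits[w][0] += int(s.detected)
    rate = {w: (d / t if t else 0.0) for w, (d, t) in hits.items()}
    return {"reactive": sum(rate[w] for w in (-3, -2, -1)) / 3,
            "proactive": rate[1],
            "rap_average": sum(rate.values()) / 4}

def build_corpus(detected_per_week: dict, per_week: int = 10) -> list:
    """Constructed corpus: per_week samples across each RAP week, the first
    detected_per_week[w] of them caught by the scanner."""
    offsets = {-3: -21, -2: -14, -1: -7, 1: 0}
    return [sample_at(offsets[w] + i % 7, i < detected_per_week[w])
            for w in RAP_WEEKS for i in range(per_week)]
```

Running `rap_scores(build_corpus({-3: 9, -2: 8, -1: 7, 1: 7}))` reproduces the profile the article describes, about 80% reactive and 70% proactive, for a RAP average of 77.5%.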

The bad guys know this, and count on it. That is why having antivirus (end-point security if you will) creates a false sense of security. Yes, you need antivirus, but don't rely on it for 100% protection. It is just as urgent for your defense-in-depth to have all employees do regular Internet Security Awareness Training and to enforce compliance. It takes just one employee in a weak moment who gets social engineered and clicks on a phishing email to cause untold grief, losses of hundreds of thousands of dollars, and massive legal bills.

Want to see how big your phishing attack surface is? How many of your email addresses can be found by the bad guys on the Internet, and used for a spear-phishing attack? Get your one-time FREE Email Exposure Check now:

Quotes of the Week

"The face is the mirror of the mind, and eyes without speaking confess the secrets of the heart." - St. Jerome

"One of the secrets of life is that all that is really worth the doing is what we do for others." - Lewis Carroll


Thanks for reading CyberheistNews! Warm Regards, Stu Sjouwerman | Email me:

New Training Module: Mobile Device Security

We are excited to announce we have a new module available that you can use to give additional training to employees who use mobile devices. BYOD is increasingly becoming a vector for attack and infection. This module was developed to give employees additional training, and hints and tips regarding secure online behavior when they use their laptop, tablet or smartphone on the road. Find out more about the content and request a quote at this new page. The cost for add-on modules is super low:


NEW: KnowBe4 Glossary - Malware & Social Engineering

This is an updated glossary based on our years in Sunbelt Software as an antivirus developer, and in KnowBe4 as a security awareness player. We are sharing it as a resource, and it has dozens of links to relevant articles on Wikipedia and many other sites. Let me know if we missed a term you were looking for and we'll add it!


Social Engineering Causes Seattle Hospital 90K Data Breach

Personal Health Information of 90,000 patients was accessed by hackers because an employee opened an infected email attachment early October this year. When will they learn that employees are the weak link in IT Security and need effective security awareness training? This could easily have been prevented, but now will cause millions of dollars in damage and a lot of anguish for the patients who now could be the next target.

Despite UW Medicine's claim that patient information was not sought or targeted, that is likely wishful thinking. There is a market for complete patient records in the criminal dark web economy. A single patient's medical record is worth $30 - 50 on the black market, and the reason for that high number is that a person cannot "delete" their own medical history the way you can cancel a stolen credit card number.

Now 90,000 people need to watch their email, because the bad guys have all the information to send them highly targeted spear-phishing email, for instance offering them new health care insurance at a very advantageous rate.

UW Medicine said in their Press Release:

"In early October 2013, a UW Medicine employee opened an email attachment that contained malicious software (malware). The malware took control of the computer, which had patient data stored on it. UW Medicine staff discovered this incident the following day and immediately took measures to prevent any further malicious activity.

Data about patients may have included: name, medical record number, other demographics (which may include address, phone number), dates of service, charge amounts for services received at UW Medicine, Social Security Number or HIC (Medicare) number, date of birth.

The incident was referred to the FBI, and patients may be contacted by the FBI as part of its investigation. UW Medicine has also implemented a review, training and outreach effort as a result of this incident."

Talk about closing the barn door after the horse has bolted...


Help Me Out? I Need 5 Minutes Of Your Time!

You need to be PCI Compliant, and I have a quick, interesting survey for you because I need your feedback on a new time-saving online compliance manager we are rolling out.

There is a prize for everyone!

Everyone who fills out the survey gets a free key for the Kevin Mitnick Home Internet Security course. This is an hour's worth of training for your family on how to stay safe on the Internet, with a value of $29.95. You can also give this course as a gift to 5 friends, a great way to stay safe online during the holidays. See:

Next, there will be a $500 prize for one person, chosen at random, managed by SurveyMonkey. The odds are pretty good. Last but not least, I need your suggestions for a product name, and the winner gets an iPad Air! So please take 5 minutes now. The deadline for the $500 is December 15, so please do this right away. Thanks very much in advance! Here is the survey:


Cyberheist 'FAVE' LINKS:

* This Week's Links We Like. Tips, Hints And Fun Stuff.

SUPER FAVE: A guy doing 300 km/h (186 mph) on his Kawa Superbike on the German autobahn gets casually passed by an Audi RS6. Unbelievable:

Samurai girl finally gets it right. This is -not- as easy as it seems:

Did you know that Formula One cars create enough down force to be able to drive upside down? From the BBC, very interesting:

Footage shot from 1896-1900 in Paris, Milan, London, Venice, New York and other cities around the world. This is how much the world has changed in the past 120 years:

Dancer Agnieszka Marczak astounds with her grace and flexibility at the finals of 'Poland's Got Talent.' This girl is made out of rubber:

Bears Acting Like Humans Compilation:

You gotta watch this hilarious, sweet little lip syncing Christmas song. Wait for the bass 'singer' - he is an absolute riot. Classic:

An amazing demonstration of the flying capabilities of the Mi-8 helicopter. This pilot has NO FEAR:

Thorium-Fueled Car Only Needs A Fill-Up Once A Century:

World's First 360° Barrel Roll In A Car:

Koi fish swim in a circle - a very unusual sighting. Recorded at the Kek Lok Si Temple in Air Itam, Penang, Malaysia:
